Login Register






SMTPMart - Buy Inbox SMTP | Leads | Shell | cPanel 100% Bonus on 1st deposit | Instant Refunds
ProxyByte $2/GB | Residential IPv4 - No Logs - 26M+ IPs - All unblocked
REFUNDING.GG | #1 REFUND SERVICE | SAME DAY REFUNDS | WORLDWIDE ORDERS | GET ITEMS 85% OFF
New Ownership - Policies and Changes Going Forward
The stories and information posted here are artistic works of fiction and falsehood. Only a fool would take anything posted here as fact.
Thread Rating:
  • 0 Vote(s) - 0 Average


SSL problem with self-generated certificates? filter_list
Author
Message
3SidedSquare Offline
Senior Member
Twelve Years of Service
Posts: 494
Threads: 47
Reputation: 0
Currency: 0 NSP
SSL problem with self-generated certificates? 07-05-2013, 12:48 AM #1
Just a quick question for all of you knowlegeable about encryption:

If I am using a self-generated certificate (as opposed to a bought certificate) for an SSL connection, is there any chance of the messages being intercepted, or of a MIM attack?

P.S. I'm using python's bult-in ssl library to wrap sockets, if it makes any difference.
[Image: jWSyE88.png]

Reply

w00t Offline
I'm here to make you think differently.
Registered (Legends)
Twelve Years of Service
Posts: 1,244
Threads: 7
Reputation: 0
Currency: 48 NSP
SmartSuper EliteLegendaryGold
RE: SSL problem with self-generated certificates? 07-05-2013, 01:34 AM #2
Self-signed = trivial to MITM.

Ok I got bored so let me elaborate.

When you self-sign it, that means there isn't anyone else that can verify if the public key the client received is the correct one. This means an attacker can just intercept the SSL handshake and give the client their self-signed certificate.

Reply

3SidedSquare Offline
Senior Member
Twelve Years of Service
Posts: 494
Threads: 47
Reputation: 0
Currency: 0 NSP
RE: SSL problem with self-generated certificates? 07-05-2013, 01:51 AM #3
Got it, thanks a bunch w00t.
[Image: jWSyE88.png]

Reply







Users browsing this thread: 2 Guest(s)